#!/bin/sh

/bin/echo "Modify kernel params .........."
/bin/echo "1024"  > /proc/sys/net/ipv4/neigh/default/gc_thresh1
/bin/echo "2048"  > /proc/sys/net/ipv4/neigh/default/gc_thresh2
/bin/echo "8192"  > /proc/sys/net/ipv4/neigh/default/gc_thresh3
/bin/echo "10"    > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_syn_sent
/bin/echo "10"    > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_syn_recv
/bin/echo "30"    > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_fin_wait
/bin/echo "30"    > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_time_wait
/bin/echo "10"    > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_close_wait
/bin/echo "10"    > /proc/sys/net/ipv4/netfilter/ip_conntrack_icmp_timeout

/bin/echo 8192    > /proc/sys/fs/file-max
/bin/echo 1       > /proc/sys/net/ipv4/tcp_abort_on_overflow
/bin/echo 4096    > /proc/sys/net/ipv4/tcp_max_orphans
/bin/echo 20480   > /proc/sys/net/ipv4/tcp_max_tw_buckets
/bin/echo 1       > /proc/sys/net/ipv4/tcp_tw_recycle
/bin/echo 1       > /proc/sys/net/ipv4/tcp_tw_reuse
/bin/echo 7200    > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established
/bin/echo 1       > /proc/sys/net/ipv4/tcp_syncookies
/bin/echo 1       > /proc/sys/net/ipv4/ip_forward

#/sbin/sysctl -w net.netfilter.nf_conntrack_acct=1 1>/dev/null 2>&1

#ip_conntrack_max 
BASE=1000000
Mem=`free | grep Mem | awk '{printf $2}'`

H=`expr $BASE \* 8`
M=`expr $BASE \* 4 `
L=`expr $BASE \* 2 `

if   [ $Mem -gt $H ]
then 
	echo "1200000" > /proc/sys/net/ipv4/netfilter/ip_conntrack_max
elif [ $Mem -gt $M ]
then 
	echo "800000" > /proc/sys/net/ipv4/netfilter/ip_conntrack_max
elif [ $Mem -gt $L ]
then
	echo "400000" > /proc/sys/net/ipv4/netfilter/ip_conntrack_max
else
	echo "200000" > /proc/sys/net/ipv4/netfilter/ip_conntrack_max
fi
